package com.oa.hyperion.core.shiro;

import com.oa.hyperion.exception.http.ForbiddenException;

import com.oa.hyperion.utils.JwtUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

public class UserRealm extends AuthorizingRealm {
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return null;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
       //将AuthenticationToken转换成BearToken
        BearerToken bearerToken = (BearerToken) authenticationToken;
        //获取jwt
        String jwt = bearerToken.getToken();
        //判断jwt不存在
        if(jwt == null || "".equals(jwt)){
            //抛出账户未登录异常
           throw new ForbiddenException(50003);
        }
        //验证jwt
        Boolean aBoolean = JwtUtils.verifyToken(jwt);
        if(!aBoolean){
            throw  new ForbiddenException(50003);
        }
        SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(jwt,jwt,getName());
        return   simpleAuthenticationInfo;
    }

    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof BearerToken;
    }
}
